文档建议反馈控制台
首页
学习
活动
专区
圈层
工具
MCP广场
文章/答案/技术大牛
发布
社区首页 >问答首页 >配置Geoserver用于Azure应用程序服务

配置Geoserver用于Azure应用程序服务
EN

Stack Overflow用户
提问于 2021-05-19 12:54:59
回答 2查看 407关注 0票数 0

我有一个Azure应用程序服务(Tomcat9.0和Java 11),配置了AD身份验证,我已经在上面部署了Geoserver 2.18 WAR。

当我尝试访问geoserver时,我得到了主页ok,但是当我尝试使用默认geoserver凭据登录时,我得到了堆栈跟踪:

代码语言:javascript
复制
java.lang.IllegalArgumentException: Failed to parse address1.2.3.4, 5.6.7.8, 9.10.11.12
    org.springframework.security.web.util.matcher.IpAddressMatcher.parseAddress(IpAddressMatcher.java:107)
    org.springframework.security.web.util.matcher.IpAddressMatcher.matches(IpAddressMatcher.java:66)
    org.springframework.security.web.util.matcher.IpAddressMatcher.matches(IpAddressMatcher.java:62)
    org.geoserver.security.BruteForceListener.lambda$requestAddressInWhiteList$0(BruteForceListener.java:126)
    java.base/java.util.stream.MatchOps$1MatchSink.accept(Unknown Source)
    java.base/java.util.ArrayList$ArrayListSpliterator.tryAdvance(Unknown Source)
    java.base/java.util.stream.ReferencePipeline.forEachWithCancel(Unknown Source)
    java.base/java.util.stream.AbstractPipeline.copyIntoWithCancel(Unknown Source)
    java.base/java.util.stream.AbstractPipeline.copyInto(Unknown Source)
    java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(Unknown Source)
    java.base/java.util.stream.MatchOps$MatchOp.evaluateSequential(Unknown Source)
    java.base/java.util.stream.MatchOps$MatchOp.evaluateSequential(Unknown Source)
    java.base/java.util.stream.AbstractPipeline.evaluate(Unknown Source)
    java.base/java.util.stream.ReferencePipeline.anyMatch(Unknown Source)
    org.geoserver.security.BruteForceListener.requestAddressInWhiteList(BruteForceListener.java:126)
    org.geoserver.security.BruteForceListener.onApplicationEvent(BruteForceListener.java:65)
    org.geoserver.security.BruteForceListener.onApplicationEvent(BruteForceListener.java:28)
org.springframework.context.event.SimpleApplicationEventMulticaster.doInvokeListener(SimpleApplicationEventMulticaster.java:172)
    org.springframework.context.event.SimpleApplicationEventMulticaster.invokeListener(SimpleApplicationEventMulticaster.java:165)
    org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:139)
    org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:403)
    org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:360)
    org.springframework.security.authentication.DefaultAuthenticationEventPublisher.publishAuthenticationSuccess(DefaultAuthenticationEventPublisher.java:99)
    org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:224)
    org.geoserver.security.GeoServerSecurityManager$1.authenticate(GeoServerSecurityManager.java:315)
    org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:94)
    org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212)
    org.geoserver.security.filter.GeoServerCompositeFilter$NestedFilterChain.doFilter(GeoServerCompositeFilter.java:74)
    org.geoserver.security.filter.GeoServerCompositeFilter.doFilter(GeoServerCompositeFilter.java:91)
    org.geoserver.security.filter.GeoServerUserNamePasswordAuthenticationFilter.doFilter(GeoServerUserNamePasswordAuthenticationFilter.java:122)
    org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    org.geoserver.security.filter.GeoServerCompositeFilter$NestedFilterChain.doFilter(GeoServerCompositeFilter.java:70)
    org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
    org.geoserver.security.filter.GeoServerSecurityContextPersistenceFilter$1.doFilter(GeoServerSecurityContextPersistenceFilter.java:52)
    org.geoserver.security.filter.GeoServerCompositeFilter$NestedFilterChain.doFilter(GeoServerCompositeFilter.java:74)
    org.geoserver.security.filter.GeoServerCompositeFilter.doFilter(GeoServerCompositeFilter.java:91)
    org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
    org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
    org.geoserver.security.GeoServerSecurityFilterChainProxy.doFilter(GeoServerSecurityFilterChainProxy.java:142)
    org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)
    org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)
    org.geoserver.filters.LoggingFilter.doFilter(LoggingFilter.java:101)
    org.geoserver.filters.XFrameOptionsFilter.doFilter(XFrameOptionsFilter.java:77)
    org.geoserver.filters.GZIPFilter.doFilter(GZIPFilter.java:47)
    org.geoserver.filters.SessionDebugFilter.doFilter(SessionDebugFilter.java:46)
    org.geoserver.filters.FlushSafeFilter.doFilter(FlushSafeFilter.java:42)
    org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
    org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
    com.microsoft.azure.appservice.filters.AppServiceFilter.doFilter(AppServiceFilter.java:53)
    com.microsoft.azure.appservice.EasyAuthFilter.doFilter(EasyAuthFilter.java:42)

(出于隐私原因,我已将堆栈跟踪中的3个IP替换为虚拟IP)

检查Azure的身份验证代理发送给geoserver的header,以及x-forwarded-for HTTP头中3个IP的字符串匹配是否正确。

我没有配置什么东西吗?在geoserver的安全设置上有点困难,因为我无法登录!

java
geoserver
EN

回答 2

Stack Overflow用户

回答已采纳

发布于 2021-05-19 14:13:27

好吧,经过更深入的挖掘,我认为我找到了一个解决办法。Geoserver在其蛮力登录预防中使用IpAddressMatcher。IpAddressMatcher期望headers中有一个IP地址。Azure有多个,所以这会引起问题。

通过编辑$GEOSERVER_DATA_DIR/security/config.xml并在底部附近将bruteForcePrevention更改为false,可以禁用蛮力登录检测,如下所示:

代码语言:javascript
复制
  <bruteForcePrevention>
    <enabled>false</enabled>
    <minDelaySeconds>1</minDelaySeconds>
    <maxDelaySeconds>5</maxDelaySeconds>
    <maxBlockedThreads>100</maxBlockedThreads>
    <whitelistedMasks>
      <string>127.0.0.1</string>
    </whitelistedMasks>
  </bruteForcePrevention>

重新启动tomcat,现在geoserver工作,我可以登录。

票数 0
EN

Stack Overflow用户

发布于 2022-06-15 12:23:38

我发现java 1.8.0_181是我在将GeoServer加载到Azure的时可以使用的最新版本。我目前使用的是Java8,较小的Java 9.0.46版本的1.8.0_181。在这个版本之后,他们似乎放弃了oracle,并且可能存在某种类型的依赖,导致您无法在Azure中运行高于该版本的任何东西(GeoServer支持Java11)。我很想知道是否有人找到了所需的确切依赖性!我也想知道Azure是否会重新实现这些依赖关系,这样用户就可以迁移到Java 11!我希望这有助于您在Azure中实现GeoServer。

票数 0
EN
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:

https://stackoverflow.com/questions/67603706

复制
相关文章

相似问题

领券

腾讯云开发者

扫码关注腾讯云开发者

扫码关注腾讯云开发者

领取腾讯云代金券

热门产品

热门推荐

更多推荐

Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有 

深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 粤公网安备44030502008569号

腾讯云计算(北京)有限责任公司 京ICP证150476号 |  京ICP备11018762号

问题归档专栏文章快讯文章归档关键词归档开发者手册归档开发者手册 Section 归档